139.219.0.173 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Microsoft (China) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Many RDP login attempts detected by IDS script	2019-07-25 07:02:39

相同子网IP讨论:

IP	类型	评论内容	时间
139.219.0.102	attack	prod11 ...	2020-09-09 20:01:02
139.219.0.102	attackbots	Sep 9 01:32:47 mail sshd\[63284\]: Invalid user shera from 139.219.0.102 ...	2020-09-09 13:58:26
139.219.0.102	attackbots	Sep 1 15:30:43 jane sshd[18170]: Failed password for root from 139.219.0.102 port 52504 ssh2 ...	2020-09-02 01:16:17
139.219.0.102	attack	Tried sshing with brute force.	2020-08-16 08:34:13
139.219.0.102	attackspambots	Aug 14 06:46:06 rancher-0 sshd[1076642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 user=root Aug 14 06:46:09 rancher-0 sshd[1076642]: Failed password for root from 139.219.0.102 port 49292 ssh2 ...	2020-08-14 14:08:38
139.219.0.102	attackbots	Failed password for root from 139.219.0.102 port 21566 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 user=root Failed password for root from 139.219.0.102 port 63408 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 user=root Failed password for root from 139.219.0.102 port 49744 ssh2	2020-08-02 04:51:21
139.219.0.102	attack	Jul 31 23:31:34 santamaria sshd\[24041\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 user=root Jul 31 23:31:36 santamaria sshd\[24041\]: Failed password for root from 139.219.0.102 port 62796 ssh2 Jul 31 23:35:57 santamaria sshd\[24174\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 user=root ...	2020-08-01 08:19:45
139.219.0.102	attack	Jul 31 15:09:10 abendstille sshd\[31748\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 user=root Jul 31 15:09:11 abendstille sshd\[31748\]: Failed password for root from 139.219.0.102 port 45710 ssh2 Jul 31 15:12:53 abendstille sshd\[2746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 user=root Jul 31 15:12:55 abendstille sshd\[2746\]: Failed password for root from 139.219.0.102 port 22766 ssh2 Jul 31 15:16:46 abendstille sshd\[6345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 user=root ...	2020-08-01 04:11:08
139.219.0.102	attackbotsspam	Jul 29 19:28:15 ift sshd\[14466\]: Invalid user gengxin from 139.219.0.102Jul 29 19:28:18 ift sshd\[14466\]: Failed password for invalid user gengxin from 139.219.0.102 port 59032 ssh2Jul 29 19:31:02 ift sshd\[15229\]: Invalid user arjun from 139.219.0.102Jul 29 19:31:03 ift sshd\[15229\]: Failed password for invalid user arjun from 139.219.0.102 port 63240 ssh2Jul 29 19:33:49 ift sshd\[15462\]: Invalid user xn from 139.219.0.102 ...	2020-07-30 02:28:00
139.219.0.102	attackspambots	Jul 25 17:27:33 vmd36147 sshd[9571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 Jul 25 17:27:35 vmd36147 sshd[9571]: Failed password for invalid user sona from 139.219.0.102 port 25978 ssh2 Jul 25 17:31:30 vmd36147 sshd[18209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 ...	2020-07-26 01:15:49
139.219.0.102	attackbots	Jul 24 16:34:57 mail sshd[24068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 Jul 24 16:34:58 mail sshd[24068]: Failed password for invalid user manoj from 139.219.0.102 port 10934 ssh2 ...	2020-07-24 23:41:43
139.219.0.102	attackspambots	Invalid user rolo from 139.219.0.102 port 24558	2020-07-15 08:58:29
139.219.0.102	attack	2020-07-11T10:15:05.810912vps773228.ovh.net sshd[10786]: Invalid user xxshi from 139.219.0.102 port 58152 2020-07-11T10:15:05.827025vps773228.ovh.net sshd[10786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.0.102 2020-07-11T10:15:05.810912vps773228.ovh.net sshd[10786]: Invalid user xxshi from 139.219.0.102 port 58152 2020-07-11T10:15:08.101727vps773228.ovh.net sshd[10786]: Failed password for invalid user xxshi from 139.219.0.102 port 58152 ssh2 2020-07-11T10:18:06.198175vps773228.ovh.net sshd[10807]: Invalid user juliette from 139.219.0.102 port 16978 ...	2020-07-11 16:33:50
139.219.0.102	attackspambots	Invalid user russel from 139.219.0.102 port 39168	2020-07-11 08:05:10
139.219.0.102	attackspam	$f2bV_matches	2020-06-29 13:30:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.219.0.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4568
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.219.0.173.			IN	A

;; AUTHORITY SECTION:
.			3465	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072401 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 07:02:33 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 173.0.219.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 173.0.219.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
91.142.148.2	attackbots	[portscan] Port scan	2019-08-21 21:45:36
78.94.62.162	attackspam	port scan and connect, tcp 3306 (mysql)	2019-08-21 21:44:01
183.82.121.34	attackspam	Aug 21 13:31:12 game-panel sshd[18567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34 Aug 21 13:31:13 game-panel sshd[18567]: Failed password for invalid user abc123 from 183.82.121.34 port 54891 ssh2 Aug 21 13:35:46 game-panel sshd[18735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34	2019-08-21 21:49:17
144.217.5.73	attackspambots	Automatic report - Banned IP Access	2019-08-21 20:58:25
213.32.12.3	attackbotsspam	Aug 21 14:55:54 lnxweb61 sshd[21662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.12.3	2019-08-21 21:48:34
202.88.241.107	attack	Unauthorized SSH login attempts	2019-08-21 20:43:24
150.214.136.51	attackspambots	Aug 21 03:11:50 php2 sshd\[15793\]: Invalid user mirc from 150.214.136.51 Aug 21 03:11:50 php2 sshd\[15793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=morfeo.us.es Aug 21 03:11:52 php2 sshd\[15793\]: Failed password for invalid user mirc from 150.214.136.51 port 44114 ssh2 Aug 21 03:16:56 php2 sshd\[16231\]: Invalid user xtn from 150.214.136.51 Aug 21 03:16:56 php2 sshd\[16231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=morfeo.us.es	2019-08-21 21:23:19
36.156.24.43	attack	Aug 21 19:43:16 webhost01 sshd[27074]: Failed password for root from 36.156.24.43 port 47374 ssh2 ...	2019-08-21 20:51:36
222.143.242.69	attack	Aug 21 14:43:26 bouncer sshd\[6330\]: Invalid user dv from 222.143.242.69 port 40114 Aug 21 14:43:26 bouncer sshd\[6330\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.143.242.69 Aug 21 14:43:28 bouncer sshd\[6330\]: Failed password for invalid user dv from 222.143.242.69 port 40114 ssh2 ...	2019-08-21 20:49:28
69.12.92.22	attackbotsspam	Unauthorized access to web resources	2019-08-21 21:28:47
210.242.157.12	attackspam	Aug 21 02:48:31 hiderm sshd\[29695\]: Invalid user teacher from 210.242.157.12 Aug 21 02:48:31 hiderm sshd\[29695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210-242-157-12.hinet-ip.hinet.net Aug 21 02:48:33 hiderm sshd\[29695\]: Failed password for invalid user teacher from 210.242.157.12 port 58869 ssh2 Aug 21 02:54:56 hiderm sshd\[30210\]: Invalid user jair from 210.242.157.12 Aug 21 02:54:56 hiderm sshd\[30210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210-242-157-12.hinet-ip.hinet.net	2019-08-21 21:06:16
46.161.39.219	attack	Aug 21 05:22:44 home sshd[24124]: Invalid user eun from 46.161.39.219 port 51490 Aug 21 05:22:44 home sshd[24124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.161.39.219 Aug 21 05:22:44 home sshd[24124]: Invalid user eun from 46.161.39.219 port 51490 Aug 21 05:22:46 home sshd[24124]: Failed password for invalid user eun from 46.161.39.219 port 51490 ssh2 Aug 21 05:31:04 home sshd[24139]: Invalid user sftpuser from 46.161.39.219 port 33068 Aug 21 05:31:04 home sshd[24139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.161.39.219 Aug 21 05:31:04 home sshd[24139]: Invalid user sftpuser from 46.161.39.219 port 33068 Aug 21 05:31:06 home sshd[24139]: Failed password for invalid user sftpuser from 46.161.39.219 port 33068 ssh2 Aug 21 05:35:05 home sshd[24165]: Invalid user sicher from 46.161.39.219 port 59680 Aug 21 05:35:05 home sshd[24165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= r	2019-08-21 21:30:22
177.220.205.70	attackbotsspam	Aug 21 13:10:08 localhost sshd\[67664\]: Invalid user mktg3 from 177.220.205.70 port 4560 Aug 21 13:10:08 localhost sshd\[67664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.220.205.70 Aug 21 13:10:10 localhost sshd\[67664\]: Failed password for invalid user mktg3 from 177.220.205.70 port 4560 ssh2 Aug 21 13:15:37 localhost sshd\[67917\]: Invalid user bbbbb from 177.220.205.70 port 3230 Aug 21 13:15:37 localhost sshd\[67917\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.220.205.70 ...	2019-08-21 21:35:35
5.141.86.95	attackspambots	[munged]::443 5.141.86.95 - - [21/Aug/2019:13:42:57 +0200] "POST /[munged]: HTTP/1.1" 200 9039 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 5.141.86.95 - - [21/Aug/2019:13:42:59 +0200] "POST /[munged]: HTTP/1.1" 200 4378 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 5.141.86.95 - - [21/Aug/2019:13:43:01 +0200] "POST /[munged]: HTTP/1.1" 200 4378 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 5.141.86.95 - - [21/Aug/2019:13:43:03 +0200] "POST /[munged]: HTTP/1.1" 200 4378 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 5.141.86.95 - - [21/Aug/2019:13:43:06 +0200] "POST /[munged]: HTTP/1.1" 200 4378 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 5.141.86.95 - - [21/Aug/2019:13:43:10 +0200] "POST	2019-08-21 21:15:36
43.226.37.203	attackspam	Aug 21 14:46:20 dedicated sshd[28934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.37.203 user=root Aug 21 14:46:22 dedicated sshd[28934]: Failed password for root from 43.226.37.203 port 42676 ssh2	2019-08-21 21:17:25

最近上报的IP列表

98.137.64.30	42.235.213.100	18.224.72.113	95.0.226.122
63.134.242.52	104.192.74.197	210.176.100.37	45.232.242.239
189.221.47.1	168.0.83.193	104.245.144.61	21.232.76.186
41.41.77.39	39.64.184.131	177.196.207.139	130.161.64.212
244.132.63.67	192.99.175.190	173.212.212.109	35.240.134.192